
<?php
error_reporting(E_ALL);


include_once('../controller/includes/db_access.php');

// we first include the upload class, as we will need it here to deal with the uploaded file
include_once('../controller/class.upload/class.upload.php');
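// Command-line shim: when the script is started from a shell, positional
// arguments stand in for the file / dir / pics request parameters.
// PHP_SAPI is checked as well, because $argc/$argv can also be filled from the
// query string on a web SAPI when register_argc_argv is enabled.
$cli = (PHP_SAPI === 'cli' && isset($argc) && $argc > 1);
if ($cli) {
    if (isset($argv[1])) $_GET['file'] = $argv[1];
    if (isset($argv[2])) $_GET['dir'] = $argv[2];
    if (isset($argv[3])) $_GET['pics'] = $argv[3];
}

// set variables
// The upload destination is honoured only for command-line runs. For a web
// request it is fixed, so a "?dir=..." query parameter cannot redirect where
// uploaded files are written.
$dir_dest = (($cli && isset($_GET['dir'])) ? $_GET['dir'] : 'test');
$dir_pics = (($cli && isset($_GET['pics'])) ? $_GET['pics'] : $dir_dest);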

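// Protection against XSS attacks.
/**
 * Trim a request value and HTML-encode it for use as element content.
 *
 * The input is treated as UTF-8 (the page declares charset utf-8). Characters
 * with a named HTML entity are encoded, "#" and "%" are replaced by numeric
 * entities, and invalid byte sequences are substituted instead of blanking
 * the whole string.
 *
 * Quotes are deliberately left untouched (ENT_NOQUOTES, as before), so the
 * result is NOT safe inside an HTML attribute value and is not a substitute
 * for SQL escaping or bound parameters.
 *
 * @param mixed    $chaine   Raw value; anything that is not a scalar yields ''.
 * @param int|null $longueur Maximum length in bytes of the encoded result;
 *                           null or a value <= 0 means no limit.
 * @return string Encoded (and possibly truncated) text.
 */
function transforme_HTML($chaine, $longueur = null) {
    // Request fields can be absent or arrive as arrays ("field[]=x"); trim()
    // must only ever see a string.
    $chaine = is_scalar($chaine) ? trim((string) $chaine) : '';
    // Encode directly as UTF-8. The previous utf8_decode() + htmlentities()
    // pair handed Latin-1 bytes to a UTF-8 encoder, which returns an empty
    // string for any accented input on PHP >= 5.4.
    $chaine = htmlentities($chaine, ENT_NOQUOTES | ENT_SUBSTITUTE, 'UTF-8');
    $chaine = str_replace("#", "&#35;", $chaine);
    $chaine = str_replace("%", "&#37;", $chaine);
    $longueur = intval($longueur);
    if ($longueur > 0 && strlen($chaine) > $longueur) {
        $chaine = substr($chaine, 0, $longueur);
        // A cut can land inside an entity ("&eac"); every real "&" was encoded
        // above, so a trailing "&..." without ";" is always a fragment.
        $chaine = (string) preg_replace('/&[#A-Za-z0-9]*$/', '', $chaine);
        // A cut can also split a multi-byte character; drop the dangling bytes
        // (at most three) until the string is valid UTF-8 again.
        while ($chaine !== '' && !preg_match('//u', $chaine)) {
            $chaine = (string) substr($chaine, 0, -1);
        }
    }
    return $chaine;
}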

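// Handle the submitted "referenties" form: store the uploaded picture in two
// sizes (150px and 600px bounding boxes) and record the reference in the
// `referenties` table.
// NOTE(review): no authentication or CSRF check is visible in this file;
// confirm that one of the included files enforces both before this runs.
$action = isset($_POST['action']) ? $_POST['action'] : (isset($_GET['action']) ? $_GET['action'] : '');
if ($action === 'multiple') {

    // A missing or array-valued field is read as an empty string so that
    // transforme_HTML() always receives a string.
    $field = function ($name) {
        return (isset($_POST[$name]) && is_string($_POST[$name])) ? $_POST[$name] : '';
    };

    $naam = transforme_HTML($field('bedrijfsnaam'));
    $reftekst = transforme_HTML($field('reftekst'));
    $reflangtekst = transforme_HTML($field('reflangtekst'));
    $plaat = transforme_HTML($field('plaat'));
    // The form offers only "Y" and "N"; anything else (including no choice)
    // is stored as inactive instead of passing the raw value to the database.
    $aktief = ($field('aktief') === 'Y') ? 'Y' : 'N';

    // ---------- SIMPLE UPLOAD ----------

    // The upload class wraps the entry of $_FILES that belongs to the form's
    // file field. A request without that field passes null, which is the value
    // the undefined index produced before (minus the notice).
    $handle = new Upload(isset($_FILES['my_field']) ? $_FILES['my_field'] : null);
    if ($handle->uploaded) {

        // Only images are accepted: the file ends up in a web-served
        // directory, so other content types must not be stored there.
        $handle->allowed = array('image/*');
        $handle->image_resize = true;
        $handle->image_ratio = true;
        $handle->image_y = 150;
        $handle->image_x = 150;

        // Copy the uploaded file from its temporary location to $dir_dest.
        $handle->Process($dir_dest);

        if ($handle->processed) {

            // NOTE(review): Query is defined outside this file; confirm that it
            // binds or escapes these values. transforme_HTML() leaves quotes
            // untouched, so it offers no protection at the SQL layer.
            $q = new Query;
            $q->insert_into('`referenties`', array(
                '`referentienaam`' => $naam,
                '`korte_tekst`' => $reftekst,
                '`lange_tekst`' => $reflangtekst,
                '`img1`' => $handle->file_dst_name,
                '`ref_plaats`' => $plaat,
                '`aktief`' => $aktief,
            ));

            // The insert runs only after a successful first Process(); before,
            // a failed Process() left $q undefined and this call was fatal.
            $result = $q->run();
            $insert_id = $q->get_insert_id();

            if ($result && $insert_id > 0) {
                // Second rendition of the same upload. The settings are applied
                // again before this call, as the original code did.
                $handle->allowed = array('image/*');
                $handle->image_resize = true;
                $handle->image_ratio = true;
                $handle->image_y = 600;
                $handle->image_x = 600;

                $handle->Process($dir_dest);

                if ($handle->processed) {
                    // Attach the larger picture to the row inserted above.
                    $q_set = new Query;
                    $q_set->update('`referenties`')
                        ->set(array(
                            '`img2`' => $handle->file_dst_name
                        ))
                        ->where_equal_to(array(
                            '`referenties`.`referentie_id`' => $insert_id
                        ));

                    $result2 = $q_set->run();

                    if ($result2 && $q_set->get_affected() > 0) {
                        // Remove the temporary upload, then redirect. exit stops
                        // the form below from being rendered into the redirect.
                        $handle->Clean();
                        header('Location: referentie_list.php');
                        exit;
                    }
                } else {
                    // The second rendition failed; report it instead of
                    // falling through silently.
                    echo '  Error: ' . htmlspecialchars((string) $handle->error, ENT_QUOTES, 'UTF-8') . '';
                }
            } else {
                // The insert failed or returned no id.
                echo '  Error: ' . htmlspecialchars((string) $handle->error, ENT_QUOTES, 'UTF-8') . '';
            }
        } else {
            // The first rendition could not be written (for example a rejected
            // file type); nothing is inserted.
            echo '  Error: ' . htmlspecialchars((string) $handle->error, ENT_QUOTES, 'UTF-8') . '';
        }

    } else {
        // The server did not receive a usable file.
        echo '  Error: ' . htmlspecialchars((string) $handle->error, ENT_QUOTES, 'UTF-8') . '';
    }
}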
?>

<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8" />
<!--[if lt IE 9]>
<script
src="http://html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<link rel="stylesheet" href="styles/style.css" type="text/css" />
<!--[if lte IE 7]>
<link rel="stylesheet" href="style_ie.css" />
<![endif]-->
<title>dbme!!!!</title>
</head>
<body>
<div id="bloc_page">
<header>
 <a href="#"><img src="../images/dBmelogo.png" alt="referentie" alt="dbme!" /></a>
</header>  
 <nav>
    <?php include_once('header.php'); ?>
</nav>
 <section>
  <aside>
  <!--right side baar -->  
  </aside>
     
  <article> 
        <table border="0" cellspacing="5" cellpadding="5">
            <thead>
                <tr>
                    <th colspan="2">&nbsp;</th>
                    <th></th>
                </tr>
            </thead>
            <tbody>
                <tr>
                    <td colspan="2">
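                        <form name="form1" method="POST" action="<?php /* PHP_SELF includes any client-supplied path info after the script name, so it is escaped for the attribute context */ echo htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8'); ?>" enctype="multipart/form-data">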
                            <input type="hidden" name="action" value="multiple" />
                            <div>
                                <fieldset>
                                    <legend>referenties</legend>
                                    <p>referentienaam:<input type = "text" name="bedrijfsnaam" value="" placeholder="limelight bv."/> </p>
                                    <p>ref. korte tekst:<textarea name="reftekst" rows="4" cols="40">
                                        </textarea></p>
                                    <p>ref.lange tekst:<textarea name="reflangtekst" rows="8" cols="40">
                                        </textarea></p>
                                    <p>ref. plaats:<input type = "text"  required = "required" name="plaat" placeholder="Amsterdam" /> </p>
                                    <p>foto:<input type = "file"  required = "required" name="my_field" value="" /> </p>
                                    <p><input name="aktief" type="radio"  id="aktief" value="Y" /> Ja <input name="aktief" type="radio"  id="aktief" value="N" /> Nee </p>
                                    <p><input type = "submit" name="submit" value="opslaan" /> </p>
                                </fieldset>

                            </div> 

                        </form>
                    </td>

                </tr>

            </tbody>
        </table>

                  
</article>
 
    <aside>
  <!--right side baar -->
       
        
   </aside>
</section>
 
 <footer>  
<p>Lorem ipsum dolor sit amet...</p>
<p>Vivamus sed libero nec mauris pulvinar facilisis ut non sem...</p>
<p>Phasellus ligula massa, congue ac vulputate non, dignissim at augue...</p>
</footer>
</div>
</body>
</html>